IN THE CLAIMS:

1. (Currently Amended) A method comprising:

computing an authentication code using a first key and a second key within a 
responder, 

transmitting said second key and said authentication code from said responder to
an initiator using a first communication channel, after computing said authentication
code,

transmitting said first key from said responder to said initiator using a second
communication channel,

computing a verification code using said first key and said second key within said 
initiator, 

comparing said verification code with said authentication code within said 
initiator, and 

authenticating said responder as a correct communication partner if said 
comparing checks out, 

wherein said second key is a secret key and said first communication channel is a
secure channel.

2. (Previously Presented) The method of claim 1, wherein the first key is generated
within said responder.

3. (Previously Presented) The method of claim 1, wherein the second key is 
generated within said responder. 

4. (Previously Presented) The method of claim 1, wherein in the transmitting of said 
second key and said authentication code, said second key and said authentication code are 
transmitted via a confidential or authenticated communication channel or both. 

5. (Previously Presented) The method of claim 1, wherein in the transmitting of said
first key, said first key is transmitted via an open communication channel.

6. (Currently Amended) The method of claim 1, wherein said second key is
composed of a first part and a second part and wherein said first part is used for
computing said authentication code and said second part is used for calculating an
authentication value.

7. (Original) The method of claim 6, wherein said first part is an empty string and 
wherein said authentication code is calculated as an unkeyed hash code. 

8. (Original) The method of claim 1, wherein said authentication code and said 
verification code are computed using an algorithm to compute a short message 
authentication code. 

9. (Currently Amended) The method of claim 1, wherein if the comparison of
authentication code and verification code yields a difference, said initiator 
requests said responder to retransmit said first key. 
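
An added sketch of the exchange in claim 1, with the key split of claim 6 and the retransmit request of claim 9; it is not part of the claims or of any applicant code. HMAC-SHA256, the 16-byte split point and every function name are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

MAC_PART_LEN = 16  # assumed split point of the second key (claim 6)

def split_second_key(second_key):
    """First part keys the authentication code, second part the authentication value."""
    return second_key[:MAC_PART_LEN], second_key[MAC_PART_LEN:]

def auth_code(first_key, second_key):
    """MAC whose only inputs are the two keys; HMAC-SHA256 is an assumed choice."""
    mac_part, _ = split_second_key(second_key)
    return hmac.new(mac_part, first_key, hashlib.sha256).digest()

def responder_prepare(first_key):
    """Responder: create the secret second key and the code sent on the secure channel."""
    second_key = secrets.token_bytes(32)
    return second_key, auth_code(first_key, second_key)

def initiator_verify(first_key_received, second_key, code):
    """Initiator: recompute the code over the key that arrived on the second channel."""
    verification = auth_code(first_key_received, second_key)
    return hmac.compare_digest(verification, code)  # constant-time comparison

def initiator_receive(deliveries, second_key, code):
    """Each item models one transmission of the first key on the open channel.
    A mismatch triggers a retransmit request, i.e. the next item is tried."""
    for attempt, candidate in enumerate(deliveries, 1):
        if initiator_verify(candidate, second_key, code):
            return candidate, attempt
    return None, len(deliveries)

def authentication_value(second_key, message):
    """Authentication value for later messages, keyed by the second part."""
    _, auth_part = split_second_key(second_key)
    return hmac.new(auth_part, message, hashlib.sha256).digest()

if __name__ == "__main__":
    first_key = b"constructed-first-key-bytes"    # constructed sample value
    second_key, code = responder_prepare(first_key)
    substituted = b"constructed-substituted-key"  # constructed: key altered in transit
    accepted, attempts = initiator_receive([substituted, first_key], second_key, code)
    print("accepted genuine key:", accepted == first_key, "after", attempts, "attempts")
```
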

10. (Previously Presented) The method of claim 1 further comprising calculating an
authentication value within said initiator using said second key. 

11. (Original) The method of claim 10, wherein said authentication code is calculated 
using a pseudo random function. 

12. (Currently Amended) The method of claim 10, further comprising using said
authentication value for authenticating messages that have been transmitted from
said initiator to said responder, or vice versa.

13. (Currently Amended) The method of claim 12, wherein the computing of an 
authentication code and the transmitting of said second key and said authentication code 
[[are]] utilize pre-authentication messages, and wherein the transmitting of said first key
and the using of said authentication value [[are]] utilize internet key exchange protocol
messages.

14. (Currently Amended) A method comprising:

computing an authentication code using a raw public key and a second key within 
a responder, 

transmitting said second key and said authentication code from said responder to 
an initiator using a first communication channel, after computing said authentication 
code, 

transmitting said raw public key from said responder to said initiator within an 
encrypted certification payload using a second communication channel, 

extracting said raw public key from said encrypted certification payload, 

computing a verification code using said raw public key and said second key 
within said initiator, 

comparing said verification code with said authentication code within said 
initiator, and 

authenticating said responder as a correct communication partner if said 
comparing checks out, 

wherein said second key is a secret key and said first communication channel is a 
secure channel. 

15. (Previously Presented) The method of claim 14, wherein the first key is generated 
within said responder. 

16. (Previously Presented) The method of claim 14, wherein the second key is 
generated within said responder. 

17. (Previously Presented) The method of claim 14, wherein the transmitting of said 
second key and said authentication code, said second key and said authentication 
code are transmitted via a confidential or authenticated communication channel or 
both. 

18. (Previously Presented) The method of claim 14, wherein said second key is
composed of a first part and a second part and wherein said first part is used for
computing said authentication code and said second part is used for calculating an
authentication value.

19. (Original) The method of claim 14, wherein said first part is an empty string and 
wherein said authentication code is calculated as an unkeyed hash code. 

20. (Previously Presented) The method of claim 14, wherein in the transmitting of 
said raw public key, said encrypted certification payload comprising said raw 
public key is transmitted via an open communication channel. 

21. (Original) The method of claim 14, wherein said authentication code and said
verification code are computed using an algorithm to compute a short message 
authentication code. 

22. (Previously Presented) The method of claim 14, wherein if the comparison of the 
authentication code and the verification code yields a difference, said initiator 
requests said responder to retransmit said certification payload. 

23. (Original) The method of claim 14, wherein in further steps for communicating
the second key is used for authenticating the initiator to the responder. 

24. (Currently Amended) The method of claim 14, wherein the computing of an 
authentication code and the transmitting of said second key and said 
authentication code [[are]] utilize pre-authentication messages and wherein the 
transmitting of said raw public key [[is]] utilizes an internet key exchange 
protocol with extended authentication protocol message. 

25. (Currently Amended) A system for encrypting messages transmitted between an 
initiator and a responder, wherein 

- said responder comprises 

- computing means for computing an authentication code from a first key and a
second key,

- first transmission means for transmitting said second key and said
authentication code from said responder to said initiator using a first
communication channel, after computing said authentication code, and

- second transmission means for transmitting said first key from said responder 
to said initiator using a second communication channel, and wherein 

- said initiator comprises 

- first transmission means for receiving said second key and said authentication 
code from said responder via said first communication channel,

- second transmission means for receiving said first key from said responder 
via said second communication channel, 

- computing means to compute a verification code from said first key and said 
second key, and 

- comparing means for comparing said verification code with said
authentication code, 

- wherein said second key is a secret key and said first communication channel is a 
secure channel. 

26. (Previously Presented) The system of claim 25, wherein said responder further
comprises generating means for generating the first key or the second key or both. 

27. (Previously Presented) The system of claim 25, wherein said first transmission 
means of said responder and said initiator allow communicating via a confidential or 
authenticated communication channel or both.

28. (Original) The system of claim 25, wherein said second transmission means of 
said responder and said initiator allow communicating via an open 
communication channel. 

29. CANCEL. 

30. CANCEL. 



Attorney Docket No. 915-007.049 

10/677,642 

31. (Original) The system of claim 25, wherein said initiator and said responder
comprise operating means to be operated according to an internet key exchange protocol. 

32. CANCEL 

33. (Currently Amended) A computer readable medium with a computer program 
stored thereon with instructions operable to cause a processor to secure a communication 
between an initiator and a responder of said communication by:

computing an authentication code using a first key and a second key within said 
responder, 

transmitting said second key and said authentication code from said responder to 
said initiator using a first communication channel, after computing said authentication 
code,

transmitting said first key from said responder to said initiator using a second
communication channel, 

computing a verification code using said first key and said second key within said 
initiator, and 

comparing said verification code with said authentication code within said 
initiator, 

wherein said second key is a secret key and said first communication channel is a
secure channel.

34-39. CANCEL 

40. (Previously Presented) The at least one computer readable medium of claim 33, 
wherein the communication is also secured by said initiator requesting said responder to
retransmit said first key if the comparison of authentication code and verification code
yields a difference.

41-44. CANCEL 

45. (New) The method of claim 1, wherein said computing the authentication code
and said computing the verification code both use a message authentication code function
of only two variables, said two variables being the first key and the second key.